Zuxxez, the German games software distributor, has hired lawyers to chase down about 500 British file sharers, launching the first in a series of swoops by computer forensic experts.
Law firm Davenport Lyons will use this case, its first "volume" job to stalk file sharers, to launch a specialist practice. A partner at the firm …

Disgusting

A disgusting bit of legal practice that assumes guilt before innocence, provides an "escape route" which involves paying them lots of money out-of-court, including signing a dubious legal disclaimer and does so in an unaccountable fashion (which may well be legally incorrect... not giving names etc. on official legal documents is a bit of a dodgy grey area to start off in, especially if they then go on to effectively demand money with menaces).

Yes, copyright infringement (not piracy, remember, you need a boat for that) is illegal. Yes, they "believe" these people to be involved. No, you can't just send threatening letters without a) verifying the claim (or asking the person themselves to verify it), b) providing evidence or c) going through the correct legal system in order to pursue your claim.

If you'd have sent a letter saying "We detected X. We think it's illegal. We'd quite like you to stop, or identify the person responsible." you would have a MUCH better chance of stopping people sharing it and also not get your own law firm into hot water.

As to responsibility of ensuring that computers stay virus-free, I refer you to the recent lawsuit in the US that the RIAA ***LOST*** because they tried that as an argument. It may be the user's responsibility (although you would have to find a law that says that, which might be tricky) but you can't sue them for the actions of a third-party if it was without their knowledge or consent.

And never EVER be threatened into signing a bit of paper that says anything - the second they demand that you sign any disclaimer, even if it's just saying that you will not break a law again (which is completely useless and unnecessary for this companies purpose as the law covers that perfectly well, thank you), you MUST get a lawyer in to check what you are signing.

Unbelieveable

"It is your responsibility to ensure that your computer is protected at all times"

So because your PC was infected / hacked, you are responsible for what's done with it?

So, by the same token, if your car is stolen and someone gets killed, its yor fault? Or, it was stolen and driven away by someone over the legal alcohol limit, so you are going to be fined and have your license taken from you?

Wikipedia? As a source of facts...?

> On the GPS location, you should read up on GPS Spoofing.

> http://en.wikipedia.org/wiki/Global_Positioning_System

> http://en.wikipedia.org/wiki/SAASM

If I wanted to read up on anything, I'd consult a reputable and authorative source of facts, not a hysterical hotch-potch of unreferenced crap, served up on the Internet by a pretty dubious cult that is run like a multi-level marketing scam...

Zuxxex

Zuxxex is the company behind "Earth 2160" and already used the tactic described in the article with that game in a similar attempt in Germany.

In 2005 Zuxxex employed law firm Schutt-Waetke to file charges against more than 20.000 German filesharers with the district attorney of Karlsruhe. Karlsruhe then, according to German law, had to investigate and, once a file was opened, the plaintiff who filed the charges had the right to be told the name and address of the defendant. Once Schutt-Waetke had the address, they used it to serve a cease & desist to the defendant, asking for a settlement around €150-650.

The data the law firm used to file the charges they received from Zuxxex, who in turn had contracted a Swiss company by the name "Logistep" to log IP numbers of suspected file sharers. Logistep claimed to have a sensational new method to get file sharers and apparently hoped to sell their services to other companies.

The interesting part is that Logistep doesn't seem to be much more than a mailbox at its Switzerland address and shares or has close connections to Zuxxex personnel: Leszek Oginski, who runs as CEO of Logistep, resides in Karlsruhe, the same place that Zuxxex calls home.

You may also notice that putting Logistep into Switzerland makes it harder for them to be prosecuted by anyone from the rest of Europe. And so far and to my knowledge Logistep never gathered data from filesharers in Switzerland.

Some people also argued that Zuxxex made more money through settlements concerning Earth 2160, a game receiving only mixed ratings in the press, than through the sales itself.

A business model? Maybe. Some might call it extortion. A district court in Mannheim denied Schutt-Waetke any fees they asked from a defendant, claiming the firm had already filed over 3700 similar cases and it was hard to see where such automated proceedings would require extensive work justifying any fees.

Well if you don't like wikipedia, perhaps Los Alamos Labs?

"I'd consult a reputable and authorative source of facts,"

Read up on GPS spoofing from whichever source you like. It is the third possibility here. That the Iranians were spoofed and were in the wrong place, because they used US GPS for location. A quick search of 'gps spoofing' shows up Los Alamos labs comments on it for example:

http://pearl1.lanl.gov/seals/spoof.htm

"In a paper to appear in The Journal of Security Administration, the VAT demonstrates how civilian GPS satellite signals can be easily spoofed, not just jammed. With spoofing, an adversary provides fake GPS signals. This convinces the GPS receiver that it is located in the wrong place and/or time. Remarkably, spoofing can be accomplished without having much knowledge about electronics, computers, or GPS itself. "

Or military embedded news:

http://www.mil-embedded.com/articles/holm/

SAASM = Selective Availability Anti-Spoofing Module .

"In 1998, the Joint Chiefs of Staff selected the Selective Availability Anti-Spoofing Module (SAASM) as the security architecture to bring the Global Positioning System (GPS) to the next level,"

"The need for improving GPS security came to the forefront even more this past December ('04) in an announcement by President George W. Bush in which he issued the Space-Based Positioning, Navigation, and Timing (PNT) policy. The PNT policy authorizes the improvement of the United States’ capabilities to deny hostile use of any space-based positioning, navigation, and timing services without unduly disrupting civil and commercial access."

That would explain why the Iranians would do something so dumb at a time when the USA wants to invade them. Effectively giving them an excuse.

Isn't this demanding money with menaces?

Usual caveat about not being a lawyer, but to me this sounds like demanding money with menaces.

If I were positive that this was wrong and didn't use file sharing at all, I'd be tempted to write back to them explaining that there had been a mistake and requesting a reasonable (eg £50) payment to cover my costs in investigating it.

If I were feeling particularly bored (or brave), and they failed to respond, I'd consider filing a small claims court claim for the amount. Since you can't claim for legal expenses in a small claims court and it would cost them more than the £250 to defend themselves, it might make them think twice about sending out "fishing" letters.

For more advice on where you stand, I'd try contacting Citizens Advice

Anonymity

Clearly, as the email addresses of Davenport Lyons' staff are public knowledge on their site (http://www.davenportlyons.com/html/about_us/partners.html) - as pointed out by several people on El Reg - one can only assume that the staff are not worried about their safety, but about the legality of what they are doing...

interesting possibility

It occurs to me that in the unlikely event of their legal case holding more than no water at all that the interesting consequence may be strong and valid grounds to test those lovely EULAs of which we are all so fond, because if I am responsible for securing my machine against rootkits, I cannot see that any rather restrictive EULA from say a virus software company, or more interestingly a largish operating system company could possibly absolve them from all responsibility for ensuring the non compromising of my machine assuming I am not negligent in my use of it.

It seems to me that the EULA would fall foul of the unfair contracts provisions simply because the legal position would otherwise leave the consumer in the untenable position of not safely being able to use a computer on the internet without leaving themselves exposed to legal and financial consequences over which they have no direct control.

Unfortunately this is probably evidence that these snake oil salesmen have no case, rather than that software is actually going to have to be written properly, but it's a nice idea.

Oh, and I am not a lawyer. nor a dentist, or a fireman, although I always wanted to be.

My response to their 'letter'

"In relation to your claim that your computer was hacked into, we regret that the security of your computer is not our concern. It is your responsibility to ensure that your computer is protected at all times."

I appreciate that the security of my computer is not your concern. Irresponsible though it may be, it is not unlawful to have an (unpatched computer/open wifi network/insert excuse here). I am able to provide evidence to back up my situation, and I am confident that, on the balance of probabilities (the level of proof required for civil cases), I can show that the actions you suggest were not carried out by me, and that I have no liability to your client.

In answer to your request for compensation, I refer you to the case of Arkell v Pressdram.

Allegations in contravention of the Fraud Act 2006 ?

These allegations against the "file sharers" and the associated threatening letter may be in breach of the wording of the Fraud Act 2006 (i'd love to see a solicitor clarify !)

http://www.opsi.gov.uk/ACTS/acts2006/ukpga_20060035_en.pdf

Fraud by false representation (Fraud Act 2006)

(1) A person is in breach of this section if he-

(a) dishonestly makes a false representation, and

(b) intends, by making the representation-

(i) to make a gain for himself or another, or

(ii) to cause loss to another or to expose another to a risk of loss.

(2) A representation is false if-

(a) it is untrue or misleading, and

(b) the person making it knows that it is, or might be, untrue or

misleading.

(3) "Representation" means any representation as to fact or law,

including a representation as to the state of mind of-

(a) the person making the representation, or

(b) any other person.

(4) A representation may be express or implied.

(5) For the purposes of this section a representation may be regarded as made if it (or anything implying it) is submitted in any form to any system or device designed to receive, convey or respond to communications (with or without human intervention)."

Reasonable costs

"Dirk Hassinger, sales director at Zuxxex Entertainment AG, which holds the European licence for Dream Pinball 3D, said it had tried to find lawyers prepared to charge low fees because he didn't want to "bankrupt" file sharers"

I find it hard to believe that they couldn't find a legal firm prepared to charge less than £125,000 for sending out 500 letters!

Since no cases have been officially opened yet this is all they can really charge for surely? Unless they have had 3 reasonably well paid solicitors working full time for the past 6 months researching this non-starter of a case! Perhaps if someone has the guts and resources to take them to court they can ask for the costs to be justified as well.

I'm Just Glad

I'm just glad that I made the decision a few years ago not to use closed-source software anymore. Since then, I've been running an "i-tal" GNU/Linux system* and loving it.

Honestly, how many more reasons does anyone need not to use closed-source software?

* (Well, mostly. I do confess to using Flash player, though installed in a sandbox and not system-wide, and Java before it went GPL. OTOH, I'm using the Open Source "nv" drivers for my graphics card. It's important to me that my kernel stays pure.)